Gitleaks: Open-source solution for detecting secrets in your code
Gitleaks is an open-source SAST tool designed to detect and prevent hardcoded secrets such as passwords, API keys, and tokens in Git repositories. With more than 15 million …
New ransomware, infostealers pose growing risk in 2024
BlackBerry detected and stopped 3.1 million cyberattacks (37,000 per day) in the first quarter of 2024. Between January and March 2024, BlackBerry detected 630,000 malicious …
75% of new vulnerabilities exploited within 19 days
Last year alone, over 30,000 new vulnerabilities were published, with a new vulnerability emerging approximately every 17 minutes — averaging 600 new vulnerabilities per week, …
Enterprises increasingly turn to cloud and AI for database management
Across various tasks, from predictive analytics to code generation, organizations in all sectors are exploring how AI can add value and increase efficiency. In this Help Net …
Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys
A newly spotted campaign is leveraging BPL sideloading and other uncommon tricks to deliver the IDAT Loader (aka HijackLoader) malware and prevent its detection. The campaign …
Developer errors lead to long-term exposure of sensitive data in Git repos
Credentials, API tokens, and passkeys – collectively referred to as secrets – from organizations around the globe were exposed for years, according to Aqua Security’s …
Compromised plugins found on WordPress.org
An unknown threat actor has compromised five (and possibly more) WordPress plugins and injected them with code that creates a new admin account, effectively allowing them …
Cybersecurity jobs available right now: June 26, 2024
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. CISO Influx | Indonesia | Remote – No longer …
Future trends in cyber warfare: Predictions for AI integration and space-based operations
In this Help Net Security interview, Morgan Wright, Chief Security Advisor at SentinelOne, discusses how AI is utilized in modern cyber warfare by state and non-state actors. …
B+ security rating masks healthcare supply chain risks
While the healthcare sector gets a “B+” security rating for the first half of 2024, it faces a critical vulnerability: supply chain cyber risk, according to SecurityScorecard. …
Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806)
Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software …
Ransomware disrupts Indonesia’s national data centre, LockBit gang claims US Federal Reserve breach
Ransomware attackers wielding a LockBit variant dubbed Brain Cipher have disrupted a temporary national data center facility which supports the operations of 200+ Indonesian …